Overview

URL s1-filecr.xyz/c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b
IP 51.195.6.135 (France)
ASN #16276 OVH SAS
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-11-29 17:29:09 UTC
IDS alerts 0
Blocklist alert 12
urlquery alerts No alerts detected
Tags None

Domain Summary (10)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
fonts.gstatic.com (2) 0 2014-09-09 00:40:21 UTC 2022-11-29 07:36:52 UTC 216.58.207.227 Domain (gstatic.com) ranked at: 540
fonts.googleapis.com (2) 8877 2013-06-10 20:14:26 UTC 2022-11-29 09:35:58 UTC 142.250.74.106
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
s1-filecr.xyz (27) 0 2020-10-23 18:17:31 UTC 2022-11-29 16:48:33 UTC 51.195.6.135 Unknown ranking
r3.o.lencr.org (8) 344 No data No data 23.33.119.27
firefox.settings.services.mozilla.com (1) 867 2020-06-04 20:08:41 UTC 2022-11-29 05:48:55 UTC 34.102.187.140
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-29 05:51:44 UTC 34.117.237.239
ocsp.pki.goog (9) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.131

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-29 2 s1-filecr.xyz/c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/flickity.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/typed.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/datepicker.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/granim.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/jquery.steps.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/countdown.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/smooth-scroll.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/jquery-3.1.1.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/jquery.dataTables.min.js Malware
2022-11-29 2 s1-filecr.xyz/themes/spirit/assets/frontend/js/scripts.js Malware
2022-11-29 2 s1-filecr.xyz/c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 51.195.6.135
Date UQ / IDS / BL URL IP
2023-02-02 20:57:35 +0000 0 - 0 - 2 s1-filecr.xyz/8eeab207afbedf7c 51.195.6.135
2023-02-02 19:35:34 +0000 0 - 0 - 2 s1-filecr.xyz/e2d0ceb202b5d2e2 51.195.6.135
2023-02-02 19:02:15 +0000 0 - 0 - 2 s1-filecr.xyz/15e398bbb6472e3b 51.195.6.135
2023-01-23 05:17:00 +0000 0 - 0 - 2 s1-filecr.xyz/0bce40175eba7bf5 51.195.6.135
2023-01-22 22:30:59 +0000 0 - 0 - 13 s1-filecr.xyz/7b2de07044e4431c?download_token (...) 51.195.6.135


Last 5 reports on ASN: OVH SAS
Date UQ / IDS / BL URL IP
2023-02-03 13:34:24 +0000 0 - 1 - 0 www.bitslogic.com/start.php?email=dwhenderson (...) 147.135.94.162
2023-02-03 13:33:46 +0000 0 - 0 - 1 51.79.99.145/Oceanofgames.com/Gta_Vice_City.z (...) 51.79.99.145
2023-02-03 13:32:22 +0000 0 - 0 - 1 secure-en.online/alliancefin(1).zip 51.210.113.204
2023-02-03 12:54:20 +0000 0 - 1 - 0 ema.doox.cloud/campaigns/ea609rcn1sd9f/track- (...) 137.74.189.147
2023-02-03 12:53:58 +0000 0 - 0 - 2 travelodge.es/wp-admin/jss/security.php 54.36.194.242


Last 5 reports on domain: s1-filecr.xyz
Date UQ / IDS / BL URL IP
2023-02-02 20:57:35 +0000 0 - 0 - 2 s1-filecr.xyz/8eeab207afbedf7c 51.195.6.135
2023-02-02 19:35:34 +0000 0 - 0 - 2 s1-filecr.xyz/e2d0ceb202b5d2e2 51.195.6.135
2023-02-02 19:02:15 +0000 0 - 0 - 2 s1-filecr.xyz/15e398bbb6472e3b 51.195.6.135
2023-01-23 05:17:00 +0000 0 - 0 - 2 s1-filecr.xyz/0bce40175eba7bf5 51.195.6.135
2023-01-22 22:30:59 +0000 0 - 0 - 13 s1-filecr.xyz/7b2de07044e4431c?download_token (...) 51.195.6.135


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-22 22:30:59 +0000 0 - 0 - 13 s1-filecr.xyz/7b2de07044e4431c?download_token (...) 51.195.6.135
2022-10-26 18:40:22 +0000 0 - 0 - 13 s1-filecr.xyz/d865cdd1f9b5a4fd?download_token (...) 51.195.6.135
2022-10-20 21:48:29 +0000 0 - 0 - 13 s1-filecr.xyz/559d8568cd598c58?download_token (...) 51.195.6.135
2022-09-14 06:48:00 +0000 0 - 0 - 13 s1-filecr.xyz/02b823794110a399?download_token (...) 51.195.6.135
2022-09-04 15:21:50 +0000 0 - 0 - 13 s1-filecr.xyz/b5ee0026ef72f0fb?download_token (...) 51.195.6.135

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (59)


Request Response
                                        
                                            GET /c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         51.195.6.135
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Nov 2022 17:28:57 GMT
Content-Length: 194
Connection: keep-alive
Location: https://s1-filecr.xyz/c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   194
Md5:    ec0f2d6d8da7997a10f72a2537729e59
Sha1:   d6b8ca36f266d92775f5b757e65b8c10c747c30a
Sha256: 95e1144ae5faba1d6ea1ac58b29b1e8d0399125e4dbc6a17d50d0bf5cf3bdcf8

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4949
Expires: Tue, 29 Nov 2022 18:51:27 GMT
Date: Tue, 29 Nov 2022 17:28:58 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2686
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 17:28:58 GMT
Last-Modified: Tue, 29 Nov 2022 16:44:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 17:17:55 GMT
cache-control: public,max-age=3600
age: 663
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6117
Expires: Tue, 29 Nov 2022 19:10:55 GMT
Date: Tue, 29 Nov 2022 17:28:58 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: Z3SPZr6VplLCj21m1tT6nogVJMZAByGV4cl5dNnycwI+F3WFBigdvvVkFLdJ6WjP8N1w17ewYeo=
x-amz-request-id: QDXZJ1SQ4MWR6VXG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 17:21:46 GMT
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
age: 432
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E1B49D8817BBBF35E1E37B3B10D473EF1CFE232EFD7B9594ADA64DE1FFC08482"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4242
Expires: Tue, 29 Nov 2022 18:39:40 GMT
Date: Tue, 29 Nov 2022 17:28:58 GMT
Connection: keep-alive

                                        
                                            GET /themes/spirit/assets/frontend/css/bootstrap.min.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 76917
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-12c75"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65324)
Size:   76917
Md5:    bc48830f50049b0cbbe3dd417755a347
Sha1:   e5cdb6545f9b4bce4eeda78f64a714e2de4d0e09
Sha256: 7d56baeec9679114562cdc56d3f28cb9a43263cada11b1f64809851e7a8b1419
                                        
                                            GET /themes/spirit/assets/frontend/css/stack-interface.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 3082
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-c0a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   3082
Md5:    6406d626f8bfc1e6815698bfecf9a2f8
Sha1:   a918901be3ab1b9bb4ce9980db521eb4731bb82b
Sha256: f620d1bf10d3f45a7b19edd4f863090c5dd5031411918508493634c4018e81b7
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/spirit/assets/frontend/css/socicon.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 9283
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-2443"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   9283
Md5:    b23fff7d228bbe8796ad8b3d280e3401
Sha1:   1a9861031bda4d3c1cb58564107d8b777982750b
Sha256: 17beb90ae4f385180d6b7d184dcb640ccd2a360e4ee03af0254c83b00ef87202
                                        
                                            GET /themes/spirit/assets/frontend/css/lightbox.min.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 3668
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-e54"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   3668
Md5:    40cab6b747df96a8a66f5c0ac4e034dd
Sha1:   85dd24bc614fb1ecaeb873f4e686213aa53927c3
Sha256: 798da60d899fcd9aa5074834d88b63c398dd72af5711ed48d7f68dde8dc8db5e
                                        
                                            GET /themes/spirit/assets/frontend/css/flickity.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 2392
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-958"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   2392
Md5:    5439695b076327f53edcda86d192856b
Sha1:   d938327051f0bf044bc65b68721ad3193bd2ef12
Sha256: 1709404c1e9beb94953cc95fcc3477e7cb4213e03bfe9bbe0f8a37877c1c6e42
                                        
                                            GET /themes/spirit/assets/frontend/css/jquery.steps.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 5638
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-1606"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   5638
Md5:    a0ed38e9ba9498867df1f62407377def
Sha1:   6d2278f924b80328695e8fe5213b252ae499fc77
Sha256: 70110803124af60b1e1dc1ea3c0408353947b4a0d7000f47873c85287de875d5
                                        
                                            GET /themes/spirit/assets/frontend/css/font-awesome.min.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 59115
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-e6eb"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (58929)
Size:   59115
Md5:    66e407beb68fdbb8bacd87d91ddf7829
Sha1:   5ed55601e30871fb757dc4b78a40a432f9a3600b
Sha256: eb98a660b34391ce502005c6b8553af83defcf0832489134efb499498051d1d9
                                        
                                            GET /themes/spirit/assets/frontend/css/custom.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 7688
last-modified: Wed, 14 Oct 2020 12:34:48 GMT
etag: "5f86f068-1e08"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  assembler source, ASCII text, with CRLF line terminators
Size:   7688
Md5:    38f44a7729b532fd9f94dcc4e1547101
Sha1:   484dda581fb85abfccc7873496061bcb352ecd22
Sha256: 4c7ecb7df5a5d283345eec84b2a9d4f5f55299fa65a0ab1ccc6e2bd92422b8af
                                        
                                            GET /themes/spirit/assets/frontend/css/iconsmind.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 96447
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-178bf"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   96447
Md5:    39aa385af1cfd640bac73a09de3ac9fe
Sha1:   6d17dff21d04138cd8ab3ef9dfe1eae79994834c
Sha256: 0909de268b3276cb7464acb2f86701f62974a893dd374312908a3f8efc363438
                                        
                                            GET /themes/spirit/assets/frontend/js/flickity.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 53861
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-d265"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32032)
Size:   53861
Md5:    81a84001ccd9bdd589d1b4f187311b15
Sha1:   5cdf8cb0d97b5b16a5f812e1541ad387a7cb8af5
Sha256: 5a28889b1faf91d12eeb5b5d173c50135eefd7fdc29a951b365340cf473bd9b2

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/typed.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 3949
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-f6d"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3949), with no line terminators
Size:   3949
Md5:    2f6185a8a32a50b2b3e04849f44359d4
Sha1:   0e5501588c5c0d1c9462f34b0d56c21abff5bfef
Sha256: 914df93a9770d8a0e132b6ce3e8f1cfba0e0fae8f3b9002a3f0eb47c3d0cc97b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/datepicker.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 20975
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-51ef"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12692), with CRLF line terminators
Size:   20975
Md5:    8cfe207a6a21c7495cfb751c761217a6
Sha1:   35d686a6c4ecc9946c35444ce93e110cb0e1611c
Sha256: 804e3c2608de23694fa71684178e2f9815115d56ee022ec770e1fcb208847acc

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/granim.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 10634
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-298a"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (10573)
Size:   10634
Md5:    2c16a9a724563fc0c306abb5bdeb03fe
Sha1:   90c2032537714e66059a3eaa150b93f3c9c80163
Sha256: 997a15cf01d5118cb0106587f441c32de2074c8dc12d85cf7c7dc430e2ee342e

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/jquery.steps.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 13857
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-3621"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (13686)
Size:   13857
Md5:    4c5e9f4e84d32b7df69af7420b355e03
Sha1:   14e1e287ec98e8cc0a992ee996783b0c42f9ec0f
Sha256: c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/countdown.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 5339
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-14db"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4136)
Size:   5339
Md5:    5d3ff3c3fbaa67cc639501f44eeb07be
Sha1:   bd66e4cd58de09c198e7abc77fa4c883955d189e
Sha256: 2249399b2268c260d0698542503d16afebc80e437c846239f12196744ebbd40f

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/smooth-scroll.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 6006
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-1776"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4887)
Size:   6006
Md5:    b67e171349c4716dd7bb15c018a2c8c1
Sha1:   60b204148c0eed83b06043897d1cbd54709eab66
Sha256: 8daef829c397c41e42a1f9faffc25aa4834334e5305805419933a1b44b6c1e30

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/jquery-3.1.1.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 86709
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-152b5"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030)
Size:   86709
Md5:    e071abda8fe61194711cfc2ab99fe104
Sha1:   f647a6d37dc4ca055ced3cf64bbc1f490070acba
Sha256: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/frontend/js/jquery.dataTables.min.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 69604
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-10fe4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (768)
Size:   69604
Md5:    737f853e9fd6a31d62f5028e88663c9f
Sha1:   cf144f2ab49f53a69fbfe10d3588fc23437d2736
Sha256: 6c3ca64b7acfdd29b3ca6f1b9b46696369abd462d4546182085c347f72211841

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /themes/spirit/assets/images/logo/logo-whitebg.png HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 6487
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-1957"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size:   6487
Md5:    88b2ad9d81e2bdf1f6e3b17a637f2029
Sha1:   1a0764a7cb830d3fca90e2c78a9e1ce6f0a3ed40
Sha256: 2ec3e0692321a2805e95db5716e5e92d35e20f49dc1a3e9796a5def6e6254e82
                                        
                                            GET /themes/spirit/assets/images/logo/logo.png HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 6311
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-18a7"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 431 x 94, 8-bit/color RGBA, non-interlaced\012- data
Size:   6311
Md5:    fbacfafaffafec65fc4114568cb60858
Sha1:   bd497e5f6747dffe54893e7947275c56efccf53d
Sha256: 3393c294229659297948d0e84894dfe1f8814ca0905711bcee4e2ab213c473ea
                                        
                                            GET /themes/spirit/assets/frontend/js/scripts.js HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 111905
last-modified: Wed, 14 Oct 2020 17:17:02 GMT
etag: "5f87328e-1b521"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (914)
Size:   111905
Md5:    ccd6c308b2b8e36ae154d7bacea4240d
Sha1:   f7d2f7195150771246dd599dbb4ff3bc2f0f2179
Sha256: fc2a8bf60f1e7577697c0b457c01aeeecfd2b18ea68c93e2d374bf6d95fbe7a0

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /themes/spirit/assets/frontend/css/theme.css HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 197080
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-301d8"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /themes/spirit/assets/frontend/fonts/stack-interface.woff2?33839631 HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://s1-filecr.xyz/themes/spirit/assets/frontend/css/stack-interface.css
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 4292
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-10c4"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 4292, version 1.0\012- data
Size:   4292
Md5:    ae072782b361d2afdbf43db08d3cfb73
Sha1:   f3db2e65b53d97491672f8631e21d6d05905cc88
Sha256: 31205df908aed9881f6d2d3ae7d38975252bf99e38268978b4236dc3c314754b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s1-filecr.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:52:41 GMT
expires: Tue, 28 Nov 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 81377
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size:   44856
Md5:    565ce506190ad3af920b40baf1794cec
Sha1:   ad3cba5d06100e09449a864d3b5e58403b478b3d
Sha256: 8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
                                        
                                            GET /s/opensans/v34/memQYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWq8tWZ0Pw86hd0Rk8ZkWVAewA.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://s1-filecr.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17820
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:56:05 GMT
expires: Tue, 28 Nov 2023 18:56:05 GMT
cache-control: public, max-age=31536000
age: 81173
last-modified: Mon, 15 Aug 2022 18:13:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 17820, version 1.0\012- data
Size:   17820
Md5:    3d5107abaf7bf4df5478bd04625c0929
Sha1:   b04d394caabf6ea3e500b74781dc2bfd54f3c18d
Sha256: 9ad0a22b0c58240a7a92b4c01aa31f39a5918dea6a8fdfa77e63042abc4fca31
                                        
                                            GET /themes/spirit/assets/frontend/img/favicon/apple-touch-icon.png HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 5016
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-1398"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Size:   5016
Md5:    a9a8c24cea41bed7ef78ed1d12d48291
Sha1:   cd86d71e15b97ab602e0e39bb6e9bbaf6779f4d7
Sha256: 3b379c83d1c0b117cec88debed9390723daffc2fb99cf51cc2175c47169d190e
                                        
                                            GET /themes/spirit/assets/frontend/img/favicon/favicon-16x16.png HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
Cookie: filehosting=21t8av72aflvspjteviv8i7m1d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         51.195.6.135
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx/1.14.0 (Ubuntu)
date: Tue, 29 Nov 2022 17:28:58 GMT
content-length: 447
last-modified: Sat, 26 Sep 2020 15:46:36 GMT
etag: "5f6f625c-1bf"
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   447
Md5:    f3d5da06fe8d5a2425d5d229285e5eea
Sha1:   01032b864f3c74bbf44771e2ba41eeb2251fad90
Sha256: d11d596429d3543bfb07191a87a67a8c22e198113c6f3a109158a5a85bf82f26
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 29 Nov 2022 17:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6383
Cache-Control: max-age=149052
Date: Tue, 29 Nov 2022 17:28:59 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:53:11 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /icon?family=Material+Icons HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 17:28:58 GMT
date: Tue, 29 Nov 2022 17:28:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   341
Md5:    c96b77603ec4024ccfffb4e30ae6071f
Sha1:   2941df882e5a3b43c09650cd37f33ee6b2fb27bf
Sha256: 4ec3702878b17d3951bbc1716b231357c875a0646cdb730d2a1cb5025c165307
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 17:29:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 17:29:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 17:29:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 17:29:00 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         23.33.119.27
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8602
Expires: Tue, 29 Nov 2022 19:52:22 GMT
Date: Tue, 29 Nov 2022 17:29:00 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:05:38 GMT
age: 48202
etag: "433061bbb226048765a711deca3026ee3e52372f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9203
Md5:    5d574c4db20a68295dbd06cb08f5990b
Sha1:   433061bbb226048765a711deca3026ee3e52372f
Sha256: 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
age: 70315
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8921
Md5:    823e92f62ff7b3c2093828817d7f2866
Sha1:   c501de9eaa581a10b0b5fce40b54bb10f57f7c29
Sha256: 7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 45399
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10176
Md5:    03014221d7f49b50ffc2d1b0a0e75457
Sha1:   772d86ad983042a728ee3490630a9cf1134ad0dd
Sha256: 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 52063
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4916
Md5:    83c1fedec73299637cc7dc47c48af758
Sha1:   2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
Sha256: 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 70732
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4417
Md5:    a2a5c8d4113d282600462749315f2c4f
Sha1:   e2b4d2e15bb7c086333c0da438873e4c139ba931
Sha256: 9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 52408
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
                                            GET /c1aee33fcfdd54b7?download_token=6bcb94c1be4ce73894b72b HTTP/1.1 
Host: s1-filecr.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         51.195.6.135
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.14.0 (Ubuntu)
location: https://s1-filecr.xyz/error?e=File+can+not+be+located%2C+please+try+again+later.
set-cookie: filehosting=21t8av72aflvspjteviv8i7m1d; expires=Wed, 30-Nov-2022 17:28:58 GMT; Max-Age=86400; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, no-cache
date: Tue, 29 Nov 2022 17:28:58 GMT
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /css?family=Open+Sans:200,300,400,400i,500,600,700%7CMerriweather:300,300i HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s1-filecr.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 17:28:58 GMT
date: Tue, 29 Nov 2022 17:28:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---